Short for ‘malicious software’, malware constitutes any program or file that is harmful to a computer user. Malware is a blanket term for disruptive and damaging software, and covers many different types of threats to your computer safety; such as viruses, spyware, ransomware, adware, worms, Trojans and rootkits.
Every day, the independent IT security institute, AV-TEST registers over 350,000 new malicious programs (malware) and potentially unwanted applications (PUA) highlighting how easily your computer could be infected with disruptive software.
How does malware work?
Depending on the intent of the author, malware can work in a number of different ways, performing a variety of functions such as hijacking the computer, encrypting, deleting data or simply monitoring computer activity without permission.
The goals of most malware authors is to make money from their program, either by extracting payment from their target in exchange for the return of access to their computer (ransomware), or by selling their software to the highest bidder on the dark web.
One of the most high profile examples of a malware attack in recent years was the WannaCry ransomware attack, which affected users worldwide by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
More than 200,000 computers were infected via phishing email, which exploited a vulnerability within Microsoft – with the NHS the most prominent victim of the attack with hospitals across the UK affected.
How can malware get on your computer?
There are numerous ways that malware can find its way on to your computer, with the common causes including;
- Online Downloads – a frequent cause of malware entering your computer, malware authors hide damaging programs within download files, commonly in the form of Trojan horses that are activated after installation.
- Drive-by Downloads – unlike the above, drive-by downloads do not require consent to enter your computer, with triggers such as visiting a webpage enough for authors to commence a download.
- Removable Drives – infected removable drives, such as USBs and external hard drives, can be used to spread malware from one device to another without any online interaction taking place.
- Phishing – emails that are designed to have come from official sources, containing sensitive information such as delivery details, tax refunds, or invoices to encourage users to open and interact with them.
How does malware affect your computer?
The installation of malware can have a significant impact on your computer’s performance, as well as the privacy of your sensitive data, which can be potentially accessed by hackers.
With attacks where your computer is effectively ‘held hostage’ by hackers, it can be impossible to use your computer before an adequate ransom has been paid. According to research by Sophos, the average cost of a ransomware attack on businesses was $133,000, with another organisation calculating that ransomware costs businesses more than $75 billion per year.
The average cost in time of a malware attack is 50 days – highlighting the seriousness that an infiltration can have on your business, significantly limiting productivity, performance and time and potential damage to brand reputation.
How can malware be prevented?
Fortunately, there are steps that you can take to protect yourself, and your business from the detrimental effects of a malware attack.
Installing anti-virus software will provide reactive protection for your computer, but will fail to protect your network in the event of an attack – this is especially prevalent if your anti-virus software is not regularly updated to protect against the latest security threats.
Regular patching and updating your anti-virus software is important as well as updating your operating system, browsers, and plugins. As Windows users found out in 2017’s WannaCry ransomware attack, even small vulnerabilities can be exploited with devastating effect. Ensuring you have the latest security upgrades and patches will help provide some added protection for your devices.
It is also important to stay vigilant. If a website looks suspicious, don’t visit it. If an email looks too good to be true, it probably is. Especially with phishing emails, hackers will use similarly sounding email addresses to trick users, so always read who the email is coming from before clicking on it.
As cyber threats become more sophisticated we advocate a layered security approach to provide better protection of your organisations IT assets and network. This approach will enable you to monitor, detect and remediate the different attack vectors and entry points ensuring that you have all bases covered.
With our proactive managed IT security service, we install, configure, monitor and manage upgrades to your organisation’s IT security, ensuring it’s providing the maximum defense for you and your business.
To learn more about how to protect your computer from malware, and how we can help keep your business’ IT secure and operational, speak to one of our expert consultants on 0118 918 6822, emails us using email@example.com or get in touch via our contact form.
In an increasingly online world, the importance of IT cannot be understated for businesses.
Most companies (89%) expect their IT budgets to grow or stay steady in 2019, with the need to upgrade outdated IT infrastructure is the biggest driver of these budget increases (source).
However, balancing the upgrades and maintenance of your IT infrastructure, as well as the day-to-day IT needs of your employees and customers can become an overwhelming experience for your IT department.
Choosing a managed services provider can help to alleviate this problem – keeping your systems business as usual – allowing your IT department to focus on improving business efficiency and performance.
What is a Managed Service Provider?
A managed service provider (MSP) is an organisation that remotely manages a customer’s IT network and infrastructure, as well as their on premise or cloud applications.
Providing extra IT support when you need it most, managed service providers acts as an extension of your IT team – ensuring that your business’ IT systems remains secure, robust, and operational.
Typically, MSPs operate under a subscription model, creating a scalable IT solution that allows you to choose the coverage that’s the best value for your organisation.
How do Managed Services work?
When outsourcing your IT to a managed service provider, you will have an initial consultation to assess your current IT environment. The infrastructure you have invested in, the systems you use, and your end-to-end applications will be reviewed to ensure that you receive the most suitable managed services support for your business.
As a leading managed service provider, we proactively review your security, infrastructure and system performance and let you know if there are any areas of concern, or network improvements. We also monitor and detect threats to your system in real time, taking immediate action when required, while keeping you informed to protect your business.
What Services can an MSP Offer?
Typically the services that a managed service provider can offer your business is tailored to your IT needs. Typically services provided include:
- IT Support – keeping your infrastructure operational and secure.
- Endpoint Protection – monitoring your applications and network to ensure all suspicious activity is detected and re-mediated.
- Compliance – ensuring you are GDPR compliant.
- Firewall Management – managing your firewall, making sure it’s always optimised and up-to-date to guard against the most recent advances in security threats.
- Security Information and Event Management (SIEM) – constantly monitoring the integrity of your entire IT system, and creates an alert if any potential weaknesses are detected.
Why Choose a Managed Service Provider?
There are many benefits to working with a managed service provider. Here’s why your business should consider working with an MSP:
- Cost Effective – by only paying for the cover your business needs, you can rest assured that your infrastructure is secure without needing to break the bank.
- Flexible – if you only require office-hours support, there’s an option for you, or if you need round the clock, 7 days a week support, you can have the option that gives you the level of managed IT support your business needs.
- Peace of Mind – enables you to focus on your business without having to worry about your IT.
- Expertise – working with a managed service provider allows your business to access a wide pool of knowledge that may not be otherwise available within your in-house IT team.
- Secure – proactively monitoring your IT systems and infrastructure ensures that your business is protected from evolving security threats.
How much do Managed Services Cost?
The cost of working with a managed services provider varies depending on the support your business needs.
At Nouveau, our IT support services are flexible, so you can choose the Service Desk coverage that’s the best value for your organisation. So, whether you need 8-5 support, or 24-7 assistance, we have a range of managed service packages to help ensure your business continues to operate at maximum efficiency.To learn more about managed services, and how we can help keep your business’ IT secure and operational, speak to one of our expert consultants on 0118 918 6822.
Alternatively, you can get in touch via our contact form.
Every day, cloud security threats to your business are becoming more complex, sophisticated and difficult to detect. With 77% of cyber-attacks in 2017 involving the use of file-less malware and exploits to compromise data and/or infrastructure, it’s now more important to ever to ensure that your business’ cloud applications are secure.
Here are four ways that your business can improve its cloud security.
Ensuring your employees only have access to the data necessary to performing their business functions can help mitigate a large amount of risk for your business. Creating different access permissions within your organisation can help make sure that if one of your employees were compromised, there’s a smaller chance that the hacker would gain access to all of your customer and business data.
Going for a single crown jewels approach to your business’ cloud security can be good, but why take it for granted? Even Medieval Lords and Ladies knew not to rely on just the security of their castle gate, often creating a multi-tiered defence, including high walls, moats and ramparts, so that if one layer is penetrated, not all is lost.
The same principle applies for your business’ cloud security. Whilst an all-in-one application can protect your business enterprise, if it is compromised, your business will be left unprotected. In total, there are six layers to consider when securing your cloud applications:
- Human – teach people to spot scams and be careful when storing and sending important information.
- Physical – ensure your physical assets are protected from theft or damage.
- Endpoint – protect devices from running malicious programs that could jeopardise data security.
- Network – secure connections between computers. Monitor entry and exit points, encrypt communications, and keep an eye out for anomalies.
- Application – test applications to ensure they don’t provide avenues for attacks.
- Data – ensure that only the right people all have access to the right data at all times.
Learn more about how your business can benefit from a Layered Security solution.
The traditional username/password combination is no longer good enough way to authenticate who is accessing your applications. Of 10 million compromised accounts analysed in a recent report, it was found that just 25 passwords made up more than half of the list.
To ensure that your business remains safe in the cloud, it’s not only important that your employees are using unique, secure passwords, but are also utilising two-factor authentication. Using two-factor authentication can be an effective way to make sure that users are who they say they are, and adds an additional layer of protection around your logins.
Build Your Firewall
As the major line of defence against cyber threats to your organisation, your firewall needs careful configuration and a high level of ongoing maintenance. Whilst many cloud applications offer robust security, more additional cloud security measures can be applied to your applications, to provide extra peace of mind.
As cyber threats become more sophisticated we advocate a layered security approach to improve your business’ cloud security. We recommend the Fortinet Security Fabric, which delivers broad protection and visibility to every network segment, device, and appliance. Applications today are everywhere, and securing applications at the stack is now the new perimeter. Fortinet’s next-generation security solutions deliver comprehensive protection for your business.
How we can help
As experts in cloud security, and a Fortinet Platinum partner for many years, we can install, configure, monitor and manage upgrades to your organisation’s firewall, ensuring it’s providing the maximum defence for your cloud applications.
Get in touch with one of our expert cloud security consultants today.
Endpoint security is the process of protecting your business’ network through the securing of endpoints – internet-capable devices such as desktops, laptops, smart phones, tablets, and wireless printers.
There are two types of endpoint security:
- Endpoint Protection Platform (EPP): An Endpoint Protection Platform is a preventative tool that provides reactive protection scanning files once they enter your business’ network. This typically takes the form of traditional antivirus software.
- Endpoint Detection & Remediation (EDR): An Endpoint Detection & Remediation platform provides a more proactive solution, continuously monitoring all files and applications that enter a device. This provides greater threat detection, and in turn greater protection for your network.
In order to protect your business and allow it to operate safely and securely, we advocate for an Endpoint Detection & Remediation solution, such as SentinelOne’s Endpoint Protection Platform, which proactively protects your network’s entry points from advanced malware exploits and other cyberattacks that would look to do your business harm.
Why You Need Endpoint Security
Analysing over 35,000 companies and a large number of publicly disclosed breaches – BitSight Insights found that over 2,000 organisations were running more than half of their computers on an outdated version of an operating system—which makes those companies nearly three times as likely to experience a publicly-disclosed breach.
Mobile working is on the rise, with a report from the Work Foundation at Lancaster University predicting that, by 2020, more than 70% of businesses will have adopted flexible working policies.
This creates a challenge for IT Security professionals, as each device remotely connecting to the business’ network creates a potential entry point for security threats. This is especially prevalent when it comes to mobile workers not having access to on premise updates that can provide added protection for networks.
With threats increasing in sophistication and frequency, it’s become even more important to ensure that stability of your network security.
Benefits of Endpoint Security
- Security across all devices: you’re only as strong as your weakest link, and with an endpoint security platform in place, you can rest assured that your business’ barrier to entry is solidified.
- Stop attacks before they can do damage: detecting and mitigating threats where they start not only provides greater security to your network, but can greatly reduce the costs associated with remediation.
- Increased productivity – cyberattacks can slow down computers to a crawl, and in some cases such as the 2017 WannaCry ransomware attack, shut them down completely. This makes work practically impossible. Effective endpoint security eliminates this possibility, maximising your business’ potential output.
- Protection for your customers – ensuring that your business is secure from cyber threats will also help to protect your customers, who could be susceptible to a cyber breach by proxy.
How We Can Help
Nouveau are one of SentinelOne’s first UK managed services partners. With extensive cyber security experience gained from over 25 years of helping clients to mitigate threats across networked, application, cloud and mobile environments, we can offer your business a comprehensive endpoint security package.
Our endpoint security managed service will monitor your endpoints and eliminate threats via proactive monitoring and integrated response in order to protect your business and allow it to operate safely and securely.
To learn more about SentinelOne’s Endpoint Protection Platform, and our managed endpoint security services, get in touch today.
Earlier this month our Managing Director, Andy Stevens, spoke to Comms Dealer about the recent of acquisition of Nouveau Solutions by VINCI Energies – a strategic decision that has led the business to be in a stronger position than ever before.
Reliving our journey from our humble beginnings to our establishment as an industry-leading IT Managed Services Company. We’ve selected a few of our highlights from Andy’s interview below – you can read the full article here.
“Our first big deal in 1995 brought money into the business and enabled us to start building a team and a regular client base, key milestones include achieving Microsoft Gold competency, Fortinet Platinum Partner, moving offices, achieving ISO27001 and 9001 and creating our own SaaS platform
We have built a SIEM proposition and proactive monitoring team, our security side of the business has more than quadrupled. We have also seen a reduction in traditional infrastructure as businesses move to the cloud and associated services. Current focus areas also include SD-WAN, vulnerability management, Security as a Service and building out our cloud stack.”
Choosing the right buyer
“The initial discussions on a possible sale began about a year ago… it was a case of understanding what we did, whether there was a fit and if there was a personal ambition for this to happen. There was no rush nor pressure. But as we continued to grow organically we felt that we could accelerate our growth through the right acquisition.
And, after our best year of trading, we still recognised the expansion we wanted would not come simply through organic growth alone. We didn’t want to sell our business to a private equity firm. We wanted to ensure that our existing team were on board and continue to support our growth moving forwards.”
Meeting the needs of our team
“We were not looking at the time we were approached by VINCI, however, after considerable due diligence and many conversations it became apparent that this could be a viable option which would give us what we personally wanted as well as meeting the needs and ambitions of our staff.
Around 20 per cent of our team have been with us for 10-plus years, we have a low staff turnover, practically no sickness and have built a great positive workplace.”
A time to maximise opportunities
“[VINCI Energies’ acquisition] in effect gives us a whole new channel opportunity, the support of VINCI will make Nouveau a more commercial proposition for new clients with sizeable deals. Our main priorities now are to transition the business and maximise the opportunities available to us through building relationships with other business units, while not taking our eye off the ball.”
Nouveau Solutions is a specialist IT Managed Services Company with a strategic focus on delivering cloud, infrastructure, compliance, network, and security solutions. We focus on making the complex simple, delivering results for your organisation.
To discuss how we can help your business maximise its use of technology to harness growth – speak to one of our IT consultants today on 01189 186822.